diff --git a/examples/resource_lacework_vulnerability_exception_host/main.tf b/examples/resource_lacework_vulnerability_exception_host/main.tf index 68b80843e..6a282aa5a 100644 --- a/examples/resource_lacework_vulnerability_exception_host/main.tf +++ b/examples/resource_lacework_vulnerability_exception_host/main.tf @@ -10,7 +10,7 @@ resource "lacework_vulnerability_exception_host" "example" { name = var.name description = var.description enabled = true - expiry = "2023-06-06T15:55:15Z" + expiry = var.expiry reason = "Accepted Risk" vulnerability_criteria { severities = ["Critical"] @@ -37,6 +37,41 @@ resource "lacework_vulnerability_exception_host" "example" { } } +resource "lacework_vulnerability_exception_host" "no_expiry" { + name = var.name + description = var.description + enabled = true + reason = "Accepted Risk" + vulnerability_criteria { + severities = ["Critical"] + cves = var.cves + package { + name = var.package_name + version = var.package_version + } + package { + name = "myPackage" + version = "2.0.0" + } + package { + name = "myOtherPackage" + version = "1.0.0" + } + fixable = true + } + resource_scope { + hostnames = ["host1", "host2"] + cluster_names = ["clust-abc", "clust-xyz"] + external_ips = ["210.12.100.5"] + namespaces = ["namespace1", "namespace2"] + } +} + +variable "expiry" { + type = string + default = "2023-06-06T15:55:15Z" +} + variable "name" { type = string default = "Terraform Host Vulnerability Exception" diff --git a/integration/resource_lacework_vulnerability_exception_host_test.go b/integration/resource_lacework_vulnerability_exception_host_test.go index 0f3e2f316..a131c318e 100644 --- a/integration/resource_lacework_vulnerability_exception_host_test.go +++ b/integration/resource_lacework_vulnerability_exception_host_test.go @@ -41,6 +41,9 @@ func TestVulnerabilityExceptionHostCreate(t *testing.T) { assert.Equal(t, "[CVE-2016-9840 CVE-2018-14599 CVE-2018-6942]", actualCves) assert.Equal(t, "[map[name:myOtherPackage version:1.0.0] map[name:myPackage version:1.0.0] map[name:myPackage version:2.0.0]]", actualPackages) + noexpiry := GetSpecificIDFromTerraResults(2, create) + assert.NotEmpty(t, noexpiry) + // Update Vulnerability Exception terraformOptions.Vars = map[string]interface{}{ "name": "Terraform Vulnerability Exception Host Test", diff --git a/lacework/resource_lacework_vulnerability_exception_container.go b/lacework/resource_lacework_vulnerability_exception_container.go index 8602e6a83..646909bef 100644 --- a/lacework/resource_lacework_vulnerability_exception_container.go +++ b/lacework/resource_lacework_vulnerability_exception_container.go @@ -240,7 +240,7 @@ func resourceLaceworkVulnerabilityExceptionContainerCreate(d *schema.ResourceDat } ) - if d.Get("expiry") != nil { + if d.Get("expiry") != nil && d.Get("expiry") != "" { expiryTime, err := time.Parse(time.RFC3339, d.Get("expiry").(string)) if err != nil { return errors.Wrap(err, fmt.Sprintf("unable to parse expiry time %s", d.Get("expiry").(string))) @@ -345,7 +345,7 @@ func resourceLaceworkVulnerabilityExceptionContainerUpdate(d *schema.ResourceDat } ) - if d.Get("expiry") != nil { + if d.Get("expiry") != nil && d.Get("expiry") != "" { expiryTime, err := time.Parse(time.RFC3339, d.Get("expiry").(string)) if err != nil { return errors.Wrap(err, fmt.Sprintf("unable to parse expiry time %s", d.Get("expiry").(string))) diff --git a/lacework/resource_lacework_vulnerability_exception_host.go b/lacework/resource_lacework_vulnerability_exception_host.go index f7a87d49f..564cc5555 100644 --- a/lacework/resource_lacework_vulnerability_exception_host.go +++ b/lacework/resource_lacework_vulnerability_exception_host.go @@ -229,7 +229,7 @@ func resourceLaceworkVulnerabilityExceptionHostCreate(d *schema.ResourceData, me Fixable: d.Get("vulnerability_criteria.0.fixable").(bool), } ) - if d.Get("expiry") != nil { + if d.Get("expiry") != nil && d.Get("expiry") != "" { expiryTime, err := time.Parse(time.RFC3339, d.Get("expiry").(string)) if err != nil { return errors.Wrap(err, fmt.Sprintf("unable to parse expiry time %s", d.Get("expiry").(string))) @@ -332,7 +332,7 @@ func resourceLaceworkVulnerabilityExceptionHostUpdate(d *schema.ResourceData, me } ) - if d.Get("expiry") != nil { + if d.Get("expiry") != nil && d.Get("expiry") != "" { expiryTime, err := time.Parse(time.RFC3339, d.Get("expiry").(string)) if err != nil { return errors.Wrap(err, fmt.Sprintf("unable to parse expiry time %s", d.Get("expiry").(string)))